
2109-05-08


Security

Credential Stuffing:

It’s an overly-complicated name for a simpler concept. In credential stuffing, attackers use already-exposed passwords to access new systems. This attack works because many people use the same password for multiple things.

How can you protect yourself?

Sign up for Have I Been Pwned. Any time a service or HIBP warns you that your account may have been compromised, reset your password for that site.

Use a password manager (like LastPass or 1Password) as a hassle-free way to create unique passwords for each place you log in. Use it for everything.

Enable multi-factor authentication (MFA) for your key accounts. Most major services will have information on their site about how to do this. Note: it may be called “Two-factor authentication” (2FA).

Enable MFA for your password manager first.

Next, enable MFA for the email address(es) that you use to sign up for most sites, as this also helps protect your password resets.
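To see why reuse is what makes credential stuffing work, here is an added example (not part of the original post) that audits a password list for shared passwords and shows which other accounts are exposed when one site is breached. The CSV column names and the sample entries are assumptions constructed for illustration, not any real password manager's export format.

```python
import csv
import hashlib
import io
from collections import defaultdict

# Constructed sample data; columns (site, username, password) are assumed.
SAMPLE_EXPORT = """site,username,password
shop.example,alex@example.com,Summer2019!
forum.example,alex@example.com,Summer2019!
bank.example,alex@example.com,k9#Tq2vLm8@x
mail.example,alex@example.com,Summer2019!
news.example,alex2,correct-horse-7
"""


def load_entries(text):
    """Parse the CSV text into a list of dicts, one per saved login."""
    return list(csv.DictReader(io.StringIO(text)))


def reuse_groups(entries):
    """Return sorted lists of sites that share one password (groups of 2+)."""
    groups = defaultdict(list)
    for entry in entries:
        # Key on a hash so the grouping never stores plaintext passwords.
        digest = hashlib.sha256(entry["password"].encode("utf-8")).hexdigest()
        groups[digest].append(entry["site"])
    return sorted(sorted(sites) for sites in groups.values() if len(sites) > 1)


def exposed_by_breach(entries, breached_site):
    """Sites sharing a password with breached_site, excluding the site itself."""
    leaked = {e["password"] for e in entries if e["site"] == breached_site}
    return sorted(
        e["site"]
        for e in entries
        if e["password"] in leaked and e["site"] != breached_site
    )


if __name__ == "__main__":
    entries = load_entries(SAMPLE_EXPORT)
    for sites in reuse_groups(entries):
        print("Same password on:", ", ".join(sites))
    # A breach notice for one site means these logins need new passwords too.
    print("Also reset:", exposed_by_breach(entries, "shop.example"))
```

With a unique password per site, both functions return empty lists, which is the state a password manager gets you to.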

If our privacy extends only as far as we expect it to, then as soon as we begin expecting companies to collect lots of data about us, we stand to lose our Fourth Amendment protections for that data. The frequent data breaches we are exposed to and the continuous analysis of our information for the purpose of serving us ads may not just be changing our attitudes and ideas about privacy. They may actually be changing our legal rights, simply by rewiring our expectations of how much control we have over our personal data.

Society

In contrast to marches or other “top-down” organized protests, these creative nonviolent tactics have the potential to harness the imaginations and dynamism of more people in the community as they take ownership and become co-creators of their actions.

Private companies aren’t subject to the same pressure as elected officials and government agencies, but it’s unsurprising that shareholders are recognizing the serious harm to civil and human rights the company will be linked to through its work on this project. Transparency is often the first step towards accountability, and we are glad to see shareholders holding the company to account, and pressing it to publicly report how it applies its human rights policy to its work building technology that endangers human rights.

Biometric and behavioral data are easy to lose and abuse. Working with them—or any other powerful and dangerous data—requires a high standard of ethics and accountability.

Where can you be a good steward or advocate for safety of data—and the people behind the data?

“Punch up, not down” might apply to “disruption”, too:

When you’re building a new platform, your targets should be the slow, inefficient mega-corporations further up the food chain. By punching up here, you’re probably removing gatekeepers and democratizing a part of the market that had been previously locked up by one or two established players. Conversely, if your technology disrupts, say, public transport or the social welfare system, you’re punching down: your platform negatively affects people with less power than you. Rather than democratizing, you’re locking up an important resource that was previously owned by the people.

Do you practice Niksen, meditation, or other techniques that help with focus, creativity, and mental health? What do you find most helpful?

Whereas ordinary fitness is about size and ordinary sports is about achieving the best performance under the best conditions, functional fitness is about strength, agility, speed, dexterity and achieving the best performance under the worst conditions.